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DETAILED ACTION 

1. Claims 1-48 have been examined. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

3. Claim 1 is rejected under 35 U.S.C. 102(e) as being clearly anticipated by Jain et al. U.S. 
Pat. No. 6047325 (hereinafter Jain). 

4. As per claim 1, Jain discloses a system comprising: a set of filters (Jain; column 2 lines 8- 
18); a mapping of virtual addresses to network addresses (Jain: column 1 line 65 - column 2 line 
67); and a controller, coupled to the set of filters and the mapping, to, access, upon receipt of a 
data packet requested to be sent from a computing device to a target device via a network (Jain: 
colunm 1 line 65 - column 2 line 67), the set of filters and detennihe^wliether the^data packet can^ 
be sent to the target device based on whether the computing device is allowed to communicate 
with the target device (Jain: column 1 line 65 - column 2 line 67), replace, based on the 
mapping, the target address in the data packet with a corresponding target network address (Jain: 
column 1 line 65 - column 2 line 67); and forward the data packet to the target device at the 
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target network address if it is determined the data packet can be sent to the target device (Jain: 
column 1 line 65 - column 2 line 67). 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 2 and 3 are rejected under 35 U.S.C. 103(a) as being xmpatentable over Jain in 
view of Audebert U.S. Pat. No. 6694436 (hereinafter Audebert). 

7. As per claim 2, Jain discloses a system as recited in claim 1. Jain does not explicitly 
disclose wherein the controller is fiirther to prevent the computing device from modifying any of 
the filters in the set of filters. However, Audebert discloses prevent unauthorized modification to 
the filter program (Audebert: column 6 lines 46-61 and column 12 lines 5-16). It would have 
been obvious to one having ordinary skill in the art to prevent modification to the packet filters 
in a filter-program.JTherefore, it would haye been j)bvious to one having ordinary skill in the art 
to combine the teachings of Audebert within the system of Jain because it increases the security 
of packet filter by preventing modification to the program to bypass the filters. 
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8. As per claim 3, Jain discloses a system as recited in claim 1 . Jain does not explicitly 
disclose wherein the computing device includes the. system. However, Audebert discloses that 
limitation (Audebert: column 6 lines 46-61 and column 12 lines 5-16). 

9. Claims 4, 39, 44, and 45 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Jain in view of Boden et al. U.S. Pat. No. 6717949 (hereinafter Boden). 

10. As per claim 4, 39, 44, and 45. Jain discloses a system as recited in claim 1. Jain does not 
explicitly disclose wherein the controller is to make the computing device aware of the virtual 
addresses in the mapping but to hide the network addresses in the mapping from the computing 
device. However, Boden discloses that limitation (Boden: column 1 line 26 - column 2 line 9). 
Using address translation and hide address to increase network security is well known in the art. 
Therefore, it would have been obvious to one having ordinary skill in the art to combine the 
teachings of Boden within the system of Jain. 

11. Claims 5,6, 28-32, 34-36, 38 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Jain in view of Coss et al. U.S. Pat. No. 6141749 (hereinafter Coss) and fiirther in view of 
Dennis et al. U.S. Pat. No. 6466932 (hereinafter D~ennis)*or^fiihher in View of Epstein; ffi et al."^ 
U.S. Pat. No. 6684335 (hereinafter Epstein). 

12. As per claim 5, Jain discloses a system as recited in claim 1. Jain does not explicitly 
disclose wherein the controller is fiirther to allow the set of filters to be modified by a plurality of 
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remote devices operating at a plurality of different managerial levels. However, Coss discloses 
remote proxy or administrator loads filters (Coss: column 9 lines 7-18). It would have been 
obvious to one having ordinary skill in the art to combine the teachings of Coss within the 
system of Jain because it is well known in the art. 

Jain as modified does not explicitly disclose plurality of remote devices operating at plurality of 
different managerial level. However, Dennis discloses that limitation (Deimis: abstract and 
column 9 lines 52-67). It would have been obvious to one having ordinary skill in the art to 
combine the teachings of Dennis within the combination of Jain-Coss because it increases 
security by using administrator at different layers. Altematively, Epstein discloses that limitation 
as well (Epstein: colunm 1 line 23 - colunm 2 line 50 and column 16 lines 27-41). It would have 
been obvious to one having ordinary skill in the art to combine the teachings of Epstein within 
the combination of Jain-Coss because it increases security and prevents internal security breach 
by using multiple administrators. 

13. As per claim 6, 28, 34, 35, and 36, Jain as modified discloses a system as recited in 5. 
Jain as modified further discloses the system comprising allowing the set of filters to be modified 
by a lower managerial level remote device only if the modifications are not less restrictive than 
modifications imposed by a higher managerial level remote device (Dennis: abstract Sfd column 
9 lines 52-67; Epstein: column 1 line 23 - column 2 line 50 and column 16 lines 27-41). 

14. As per claim 29, Jain as modified discloses a method as recited in claim 28. Jain as 
modified further discloses wherein the preventing comprises: receiving a request fi"om the lower 
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managerial level device to modify the set of filters (Dennis: abstract and column 9 lines 52-67; 
Epstein: column 1 line 23 - colunm 2 line 50 and column 16 lines 27-41); determining whether 
the requested modification would result in, a violation of a filter previously added to the set of 
filters by the higher managerial device (Dennis: abstract and column 9 lines 52-67; Epstein: 
column 1 line 23 - column 2 line 50 and column 16 lines 27-41); and performing the requested 
modification if the requested modification would not result in a violation, and otherwise not 
performing the requested modification (Dennis: abstract and column 9 lines 52-67; Epstein: 
column 1 line 23 - column 2 line 50 and column 16 lines 27-41). 

15. As per claim 30 and 37, Jain as modified discloses a method as recited in claims 29 and 
35 respectively. Jain as modified fiirther discloses wherein the requested modification comprises 
one or more of: adding a filter to the set of filters, modifying a filter in the set of filters, and 
deleting a filter fi-om the set of filters (Coss: column 2 lines 30-43). 

16. As per claim 31, Jain as modified discloses a method as recited in claim 28, wherein the 
violation occurs if the modification would result in a filter being less restrictive that the filter 
added by the higher managerial level device (Dennis: abstract and column 9 lines 52-67). 

17. As per claim 32 and 38, Jain as modified discloses a method as recited in claims 28 and 
35 respectively. Jain as modified fiirther comprising preventing the computing device fi-om 
modifying the set of filters. (Audebert: column 6 lines 46-61 and column 12 lines 5-16). 
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18. Claims 7, 9, 19, 20, and 21-24 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Jain in view of Coss and further in view of Audebert. 



19. As per claim 7, 19, and 20, Jain discloses maintaining, at a computing device, a set of 
filters that restrict the ability of the computing device to communicate with other computing 
devices (Jain: column 1 line 65 - column 2 line 67). Jain does not expUcitly disclose allowing the 
set of fihers to be modified from a remote device and preventing the computing device fi-om 
modifying the set of filters. However, Coss discloses that limitation (Coss: column 9 lines 7-18). 
It would have been obvious to one having ordinary skill in the art to combine the teachings of 
Coss within the system of Jain because it is well known in the art. 

Jain as modified does not explicitly disclose preventing the computing device from modifying 
the set of filters. However, Audebert discloses that preventing unauthorized modification to filter 
software (Audebert: column 6 lines 46-61 and column 12 lines 5-16). It would have been 
obvious to one having ordinary skill in the art to prevent modification to the packet filters in a 
filter program. Therefore, it would have been obvious to one having ordinary skill in the art to 
combine the teachings of Audebert within the combination of Jain-Coss because it increases the 
security of packet filter by preventing modification to the program to bypass the filters. 

20. As per claim 9 and 22, Jain as modified discloses a method as recited in claims 7 and 20 
respectively. Jain as modified further discloses wherein modification of the set of filters includes 
one or more of: adding a new filter to the set of filters, deleting a filter fi-om the set of fihers, and 
changing one or more parameters of a filter in the set of filters (Coss: column 2 lines 30-43). 
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21 . As per claim 21, Jain as modified discloses a network mediator as recited in claim 20. 
wherein the controller is further to access, upon receipt of another data packet fi*om another 
target device via the network, the set of filters and determine whether the data packet can be 
received at the computing device based on whether the computing device is allowed to receive 
communications fi-om the other target device (Jain: column 1 line 65 - column 2 line 67). 

22. As per claim 23 and 24, Jain as modified discloses a network mediator as recited in claim 
20, wherein the network mediator is coupled to the computing device (Audebert: column 6 lines 
46-61 and column 12 lines 5-16). 

23. Claims 8 and 17 are rejected under 35 U.S.C, 103(a) as being unpatentable over Jain in . 
view of Coss and fiirther in view of Audebert and fiirther in view of Boden et al. U.S. Pat. No. 
6266707 (hereinafter Boden2). 

24. As per claim 8, Jain as modified discloses a method as recited in claim 7. Jain as 
modified does not explicitly discloses wherein restriction of the ability of the computing device 

to communicate with other computing devices comprises restricting tlie computing device from - — - 
transmitting data packets to one or more other computing devices. However, Boden2 discloses 
that limitation (Boden: column 1 lines 32-42). It is well known in the art to filter packets for 
incoming and outgoing packets. Therefore, it would have been obvious to one having ordinary 
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skill in the art to combine the teachings of Boden2 within the combination of Jain-Coss- 
Audebert. 

25. As per claim 17, Jain as modified discloses a method as recited in claim 7. Jain as 
modified does not expHcitly disclose wherein each filter includes a plurality of filter parameters, 
and wherein each of the plurality of filter parameters can include wildcard values. However, 
Boden2 discloses that limitation (Boden2: column 7 line 66 - column 8 line 22). It would have 
been obvious to one having ordinary skill in the art to combine the teachings of Boden2 within 
the combination of Jain-Coss-Audebert because packet filters are set by administrators based on 
different needs and requirements. 

26. Claims 10-14 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jain in view 
of Coss and further in view of Audebert and further in view of Mayes et al. U.S. Pat. No. 
6510154 (hereinafter Mayes). 

27. As per claim 10, Jain as modified discloses a method as recited in claim 7. Jain as 
modified does not explicitly disclose wherein one or more filters in the set of filters restrict one 
or more of the transmission of data packets of a particular type frorn the coihputing device and - - 
reception of data packets of a particular type at the computing device. However, Mayes discloses 
that limitation (Mayes: abstract and column 1 line 9 and column 2 line 32). It is well known in 
the art to filter packets based on their type. Therefore, it would have been obvious to one having 
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ordinary skill in the art to combine the teachings of Mayes within the combination of Jain-Coss- 
Audebert. 

28. As per claim 1 1, Jain as modified discloses a method as recited in claim 7. Jain as 
modified further discloses wherein one or more filters in the set of filters restrict one or more of 
the transmission of Internet Protocol (TP) data packets from the computing device and reception 
of IP data packets at the computing device based on one or more of: a source address, a 
destination IP address, a source port, a destination port, and a protocol (Jain: column 2 lines 8-18 
and abstract). 

29. As per claim 12, Jain discloses a method as recited in claim 7, Jain further discloses 
wherein one or more filters in the set of filters identifies that a data packet targeting a particular 
address can be transmitted from the computing device to the addressed device, and further 
identifies a new address that the particular address from the data packet is to be changed to prior 
to being communicated to the addressed device (Jain: column 1 line 65 - column 2 line 18). 

30. As per claim 13, Jain discloses a method as recited in claim 7. Jain as modified discloses 
wherein one of the filters in the set of filters is a permissive filter ttoat indicates a'data packet can 
be passed to its targeted destination device if the data packet parameters match corresponding 
parameters of the filter (Coss: column 1 lines 20-24). 
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31. As per claim 14, Jain as modified discloses a method as recited in claim 7. Jain as 
modified fiirther discloses wherein one of the fihers in the set of filters is an exclusionary filter 
that indicates a data packet cannot be passed to its targeted destination device if the data packet 
parameters match corresponding parameters of the filter (Coss: column 1 lines 20-24). 

32. Claims 15 and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jain in 
view of Coss and fiirther in view of Audebert and fiirther in view of Dennis or further in view of 
Epstein. 

33. As per claim 15, Jain as modified discloses a method as recited in claim 7. Jain as 
modified fiirther discloses allowing comprises allowing the set of filters to be modified by a 
remote devices (Coss: column 9 lines 7-18). Jain as modified does not explicitly disclose 
plurality of remote computing devices operating at a plurality of different managerial levels. 
However, Dennis discloses that limitation (Dennis: abstract and column 9 lines 52-67). It would 
have been obvious to one having ordinary skill in the art to combine the teachings of Dennis 
within the combination of Jain-Coss-Audebert because it increases security by using 
administrator at different layers. Altematively, Epstein discloses that limitation as well (Epstein: 
column 1 line 23 - column 2 line 50 and column 16 lines 27-41^. It would have been obvious to 
one having ordinary skill in the art to combine the teachings of Epstein within the combination of 
Jain-Coss-Audebert because it increases security and prevents internal security breach by using 
multiple administrators. 
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34. As per claim 16, Jain as modified discloses a method as recited in 15. Jain as modified 
further discloses comprising allowing the set of filters to be modified by a lower managerial 
level remote device only if the modifications are not less restrictive than modifications imposed 
by a higher managerial level remote device (Dennis: abstract and column 9 lines 52-67; Epstein: 
column 1 line 23 - column 2 line 50 and column 16 lines 27-41). 

35. Claims 18 and 25-27 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jain 
in view of Coss and further in view of Audebert and further in view of Chopra et al. U.S. Pat. 
No. 6510509 (hereinafter Chopra). 

36. As per claim 18 and 25, Jain as modified discloses a method as recited in claims 7 and 20 
respectively. Jain as modified does not explicitly disclose wherein the set of filters restrict the 
ability of the computing device to communicate with other computing devices on a per-data 
packet basis, wherein each filter includes a plurality of filter parameters, and wherein each filter 
parameter includes a filter value and a mask value indicating which portions of the filter value 
must match a corresponding parameter in a data packet for the data packet to satisfy the filter. 
However, Chopra discloses that limitation (Chopra: column 4 lines 25-56). It is well known in 

the art to filter packets according to mask values. Therefore, iFwould have been obvioiis to one 

having ordinary skill in the art to combine the teachings of Chopra within the combination of 
Jain-Coss- Audebert. 
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37. As per claim 26 and 27, Jain as modified discloses a network mediator as recited in claim 
25. Jain as modified further discloses wherein the controller is to allow/prevent the data packet to 
be forwarded to the target device if the data packet satisfies the filter (Jain: column 1 line 65 - 
column 2 line 18 and abstract; Coss: column 1 lines 20-24). 

38. Claim 33 is rejected under 35 U.S.C. 103(a) as being unpatentable over Jain in view of 
Coss and fiirther in view of Audebert and further in view of Dennis or Epstein and further in 
view of Chopra. 

39. As per claim 33, Jain as modified discloses a method as recited in claim 28. Jain as 
modified does not explicitly disclose wherein the set of filters restrict the ability of the 
computing device to communicate with other computing devices on a per-data packet basis, 
wherein each filter includes a plurality of filter parameters, and wherein each filter parameter 
includes a filter value and a mask value indicating which portions of the filter value must match 
a corresponding parameter in a data packet for the data packet to satisfy the filter. However, 
Chopra discloses that limitation (Chopra: column 4 lines 25-56). It is well known in the art to 
filter packets according to mask values. Therefore, it would have been obvious to one having 
ordinary skill in the art to combine the teachings of Chopra within the combination of Jain-Coss- 
Audebert-Dennis-Epstein. 

40. Claims 40 and 41 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jain in 
view of Boden and further in view of Taylor et al. U.S. Pat. No. 6728885 (hereinafter Taylor). 
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41 . As per claim 40 and 41 , Jain as modified discloses a method as recited in claim 39. Jain 
as modified discloses address translation, which is well known in the art. Jain as modified does 
not explicitly disclose wherein the replacing comprises performing the replacing transparent to 
the computing device. However, Taylor discloses that limitation (Taylor: column 2 line 47 - 
column 3 line 9). It is well knovm in the art to address translation, which is transparent. 
Therefore, it would have been obvious to one having ordinary skill in the art to combine the 
teachings of Taylor within the combination of Jain-Boden because it increase network security 
by prohibiting external network to view the actual address of a target device. 

42. Claims 42 and 48 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jain in 
view of Boden and further in view of Coss and fiirther in view of Audebert. 

43. As per claim 42 and 48, Jain as modified discloses a method as recited in claims 39 and 
45 respectively. Jain as modified fiirther discloses maintaining, at the computing device, a set of 
filters that fiirther restrict the ability of the computing device to communicate with other 
computing devices (Jain: column 2 lines 8-18). 

Jain as modified does n'bf explicitly disclose allowing'the set of filterslo be modified fi'om a — 
remote device and preventing the computing device fi"om modifying the set of filters. However, 
Coss discloses that limitation (Coss: column 9 lines 7-18). It would have been obvious to one 
having ordinary skill in the art to combine the teachings of Coss within the combination of Jain- 
Boden because it is well known in the art. 
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Jain as modified does not explicitly disclose preventing the computing device from modifying 
the set of filters. However, Audebert discloses that preventing unauthorized modification to filter 
software (Audebert: column 6 lines 46-61 and column 12 lines 5-16). It would have been 
obvious to one having ordinary skill in the art to prevent modification to the packet filters in a 
filter program. Therefore, it would have been obvious to one having ordinary skill in the art to 
combine the teachings of Audebert within the combination of Jain-Boden-Coss because it 
increases the security of packet filter by preventing modification to the program to bypass the 
filters. 

44. Claim 43 is rejected under 35 U.S.C. 103(a) as being unpatentable over Jain in view 
Boden and further in view of Coss and further in view of Dennis or Epstein. 

45. As per claim 43, Jain as modified discloses a method as recited in claim 39. Jain as 
modified further comprising: maintaining a set of filters that restrict the ability of the computing 
device to communicate with other computing devices (Jain: column 2 lines 8-18). Jain as 
modified does not explicitly disclose allowing multiple remote computing devices, each 
corresponding to a preventing a lower managerial level device from modifying the set of filters 

in a manner that would result in a violation of a filter added by a higher managerialievel deviee: - 
However, Coss discloses remote proxy or administrator loads filters (Coss: column 9 lines 7-18). 
It would have been obvious to one having ordinary skill in the art to combine the teachings of 
Coss within the combination of Jain-Boden because it is well known in the art. 
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Jain as modified does not explicitly disclose plurality of remote devices operating at plurality of 
different managerial level. However, Dennis discloses that limitation (Dennis: abstract and 
column 9 lines 52-67). It would have been obvious to one having ordinary skill in the art to 
combine the teachings of Dennis within the combination of Jain-Boden-Coss because it increases 
security by using administrator at different layers. Alternatively, Epstein discloses that limitation 
as well (Epstein: column 1 line 23 - column 2 line 50 and column 16 lines 27-41). It would have 
been obvious to one having ordinary skill in the art to combine the teachings of Epstein within 
the combination of Jain-Boden-Coss because it increases security and prevents internal security 
breach by using multiple administrators. 

46. Claims 46 and 47 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jain in 
view of Boden and further in view of Audebert. 

47. As per claim 46 and 47, Jain as modified discloses a network mediator as recited in claim 
45. Jain as modified does not explicitly discloses wherein the network mediator is 
communicatively coupled to the computing device. However, Audebert discloses that limitation 
(Audebert: column 6 lines 46-61 and column 12 lines 5-16). It would have been obvious to one 
having ordinary skill in the art to combine the teachings of AudeberFwithin'the combination of " " 
Jain-Boden because it is well known in the art to provide local filter software to prevent local 
computers fi"om receiving malicious packets. 
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Response to Arguments 

48. Applicant's arguments filed on 1 1/26/04 have been fully considered but they are not 
persuasive. 

49. Regarding claim 1, applicant argues that the Jain reference is silent on "replace, based on 
mapping, the target address in the data packet with a corresponding target network address" and 
Jain reference only disclose "translation table" which not necessarily mean translating address. 
However, Jain specifically discloses address translation table (Jain: column 2 lines 7-8) and the 
address translation table is used to replace the target address with a corresponding target network 
address. Therefore, applicant's argument is respectfiilly traversed. 

50. Also regarding claim 1, applicant argues that the reference does not disclose bi- 
directional fihering. However, the independent claim does not disclose bi-directional filtering. 
Therefore, the argument is moot. 

5 1 . Regarding claims 2 and 3, in response to applicant's argument that it is improper to 
combine the references where the references teach away fi-om their combination, the test for 

obviousness is not whether the featixres of a secondary reference may be bbdily incorporated into — - 

the structure of the primary reference; nor is it that the claimed invention must be expressly 
suggested in any one or all of the references. Rather, the test is what the combined teachings of 
the references would have suggested to those of ordinary skill in the art. See In re Keller, 642 
F.2d 413, 208 USPQ 871 (CCPA 1981). Also, the Audebert reference is relied upon to disclose 
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protecting filter program from unauthorized modification, not the limitations that are not 
disclosed in the claims. 

52. Regarding claims 4, 39, 44, and 45, appHcant argues that the combination of Jain-Boden 
is improper because the proposed modification cannot render the prior art unsatisfactory for its 
intended purpose. Applicant also cited Jain reference (column 5 line 20 et seq.) to indicate that 
additional security may be provided by binding machines to both the MAC and IP addresses and 
having filters that check both the MAC and IP address of a source of a message. However, the 
portion of the Jain reference cited by applicant is directed to filtering fimction not the address 
translation function and one with ordinary skill in the art would understand that address 
translation is to hide internal network address. Therefore, the Boden reference is relied upon is 
explicitly pointing out the importance of the address translation function and applicant's 
argument is respectfully traversed. 

53. Regarding claims 5, 6, 28-32, 34-36, and 38, in response to applicant's argument that 
there is no suggestion to combine the references, the examiner recognizes that obviousness can 
only be established by combining or modifying the teachings of the prior art to produce the 
claimed invention where there is some teaching, suggestion, or motivafioh to doTso'found either 
in the references themselves or in the knowledge generally available to one of ordinary skill in 
the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988)and In re Jones, 958 
F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992). In this case, the method of using hierarchical 
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management to restrict authority to perform tasks can be applied to different network functions 
not restricted to firewall and filter functions. 

54. Regarding claims 7, 9, and 19-24, In response to applicant's argument that there is no 
suggestion to combine the references, the examiner recognizes that obviousness can only be 
established by combining or modifying the teachings of the prior art to produce the claimed 
invention where there is some teaching, suggestion, or motivation to do so found either in the 
references themselves or in the knowledge generally available to one of ordinary skill in the art. 
See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988)and In re Jones, 958 F.2d 347, 
21 USPQ2d 1941 (Fed. Cir. 1992). In this case, it would have been obvious to one having 
ordinary skill in the art at the time of applicant's to protect the filtering software from being 
modified by the computing device regardless of what the environment the filter program is 
engaged in so that security can be maintained. 

55. Regarding claims 8 and 1 7, applicant argues that Boden2 does not explicitly disclose 
each of the plurality of filter parameter can include wildcard values. However, Boden2 discloses 
that some of the filter parameters allows the special value to be specified as long as it's 
necessary. Therefore, as long as the wildcard value is not strictly required forlhe filter 
parameter, there is no significant difference between some of the filter parameters allows the 
special value to be specified and each of the filter parameter can include wildcard values. 
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56. Regarding claims 10-14, applicant argues that Mayes reference does not explicitly 
disclose block outbound packets. However, the limitations of claims 10-14 do not emphasize the 
limitation of bi-directional communication. 

57. Regarding claims 15 and 16, same rationale is applied as above in response to claims 5, 
6, 28-32, 34-36, and 38. 

58. Regarding claims 18 and 25-27, applicant argues that the Chopra reference is silent on 
outgoing packets. However, the claim language does not explicitly disclose bi-directional 
communication. 

59. Regarding claim 33, argument regarding claim 33 has been answered in the above related 
issues. 

60. Regarding claims 40 and 41, applicant argues that the Taylor reference does not replace 
one piece of information with another. However, applicant admitted that the Taylor reference 
discloses the transparency function replaces the EP address of a host on the intemal protected 

network with its own IP address for all traffic passing thrbugh, which replaces the address. 

Taylor reference also discloses transparently hiding the address of intemal host. 

61 . Regarding claims 42 and 48, argument regarding claims 42 and 48 has been answered in 
preceding paragraphs. 
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62. Regarding claim 43, argument regarding claims 43 has been answered in preceding 
paragraphs. 

I 

63. Regarding claim 46 and 47, applicant argues that Audebert does not disclose network 
mediator which is communicatively coupled to the computing device. However, the filtering 
device is communicatively coupled to the terminal. 

Conclusion 

64. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

65. Wesinger, Jr. et al. U.S. Pat. No. 6804783 discloses firewall providing enhanced network 
security and user transparency. 

66. Salo et al. U.S. Pat. No. 6609148 discloses client remote access to enterprise networks 
employing enterprise gateway servers in a centralized data center converting plurality of data 
requests for messaging and collaboration into a single request. - ~ 



THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 
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A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shin-Hon Chen whose telephone number is (571) 272-3789. The 
examiner can normally be reached on Monday through Friday 8:30am to 5:30pm. 

If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private P AIRTor Public PAIR. "Status ihforrnation for unpublished - 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Shin-Hon Chen 
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